Software Integrity Blog

Archive for the 'Agile, CI/CD & DevOps' Category

 

[Webinars] DevOps, security tool abuse, Coverity and Threadfix

Practice DevSecOps with automated continuous testing, defend your apps from security tool misuse, and learn how Coverity and ThreadFix enable developers.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Developer Enablement, Webinars | Comments Off on [Webinars] DevOps, security tool abuse, Coverity and Threadfix

 

How to teach developers secure coding without slowing them down

Secure coding training isn’t required in most computer science programs. How can you fill the gaps in your developers’ education without slowing them down?

Continue Reading...

Posted in Agile, CI/CD & DevOps, Developer Enablement, Security Training | Comments Off on How to teach developers secure coding without slowing them down

 

[Webinars] DevSecOps, JavaScript security, and automotive security

Learn how to reduce your anxiety with DevSecOps, review JavaScript security in modern applications, and improve automotive cyber security after production.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Automotive Security, Web Application Security, Webinars | Comments Off on [Webinars] DevSecOps, JavaScript security, and automotive security

 

What is continuous testing?

Continuous testing means testing an application continuously throughout the software life cycle. It’s a critical part of CI/CD and—like any other part—should be automated.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST) | Comments Off on What is continuous testing?

 

Using the cloud as a cheap DevSecOps lab environment

A DevSecOps lab gives you valuable hands-on experience with the tools and technologies you need to evaluate. Thanks to the cloud, it’s cheap to create one.

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on Using the cloud as a cheap DevSecOps lab environment

 

[Webinar] Risk-Based Adaptive DevSecOps

In our DevSecOps webinar, Meera Rao explains how to close the gap between DevOps and security with a risk-based adaptive pipeline. Available on demand.

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on [Webinar] Risk-Based Adaptive DevSecOps

 

What AppSec tools are in your DevOps toolshed?

AppSec tools are essential to creating secure applications and preventing data breach. But how do you integrate them effectively into your DevOps workflow?

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on What AppSec tools are in your DevOps toolshed?

 

Want to secure your apps? Build security in with the right toolchain

Having the right application security toolchain is the most effective way to build security in, which is critical to securing modern apps against attacks.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Software Architecture and Design | Comments Off on Want to secure your apps? Build security in with the right toolchain

 

Tanya Janca at RSA on better AppSec: Play nice with DevOps

The DevOps and security relationship is often tense—but does it have to be? At RSA 2019, Tanya Janca explained how teams can play nice, and why they ought to.

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on Tanya Janca at RSA on better AppSec: Play nice with DevOps

 

The hidden costs and risks of free puppies (and open source)

SCA tools are an essential part of your AppSec toolkit, because free and open source software—just like free puppies—comes with hidden costs and risks.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Maturity Model (BSIMM), Open Source Security, Software Composition Analysis | Comments Off on The hidden costs and risks of free puppies (and open source)